Delegates from Germany, Spain, the United Kingdom, the Netherlands, Belgium, and Europol—the European Union's criminal intelligence agency—will gather in London this September as part of a project to cleanse the Internet (or at least the European section of the Internet) from "terrorist websites." And they have European Union money to do it.

The CleanIT project hopes to develop a flagging system for “terrorist” content. It wouldn't be mandatory, but Internet providers would be encouraged to take down or block the flagged material. The aim is to create “a non-legislative 'framework' that consists of general principles and best practices… to counter the illegal use of Internet,” says the group.

But who is a terrorist? And what's a terrorist website? Would there be an appeal process? No one is really sure yet.

“These principles can be used as a guideline or gentleman’s agreement, and can be adopted by many partners,” the group states on its website. “They will describe responsibilities and concrete steps public and private partners can take to counter the illegal use of Internet.”

This CleanIT campaign is spearheaded by But Klaasen, the Dutch national coordinator for counterterrorism and security.

“We feel that there is a gap between legislation and how the Internet works,” he told Ars. “For a hosting company—it’s hard for a company to evaluate something that’s illegal. We cannot expect from the hosting company whether or not to evaluate whether it’s illegal. At some point it’s notified. What we try to do is to help them, to see in [these] cases what [the host] should do."

“There a lot of cases in Europe where terrorists are caught because of what they said on the Internet,” Klaasen added. “In our country, having speech doesn’t mean you have unlimited freedom. There are boundaries within freedom of speech. There are limits.”

The limits of speech

European civil libertarians and digital activists have two main problems with CleanIT. First is their opposition on freedom of speech grounds.

In the United States, citizens have the more-or-less blanket right to express ideas, and that includes hate speech. (Some limits do exist, especially with regard to encouraging violence.) The operating principle has generally been that undesirable speech should be countered with more speech, not less.

That’s not the approach taken in Europe, where hate speech is most definitely not protected. Many European Union states (and even some non-EU countries in Europe) have various types of anti-hate speech legal mechanisms, in part to head off terrorism and far-right violence. But the CleanIT project would brand entire websites as illegitimate and call for their takedown. Is it the right precedent to set?

“If the European Union decides that extremist views do not belong on the Internet, will [it] then be all right for China, Indonesia and Syria to come to a similar decision?” wrote Willemien Groot in a December 2011 opinion piece on the website of Radio Netherlands Worldwide. “Every country will be able to ban what it decides are extremist views. Indonesia can quietly continue working on its own internal code of conduct that every Internet user will be forced to adhere to.”

This, of course, is what already takes place. France was able to push Yahoo to remove the auction of historical Nazi material, various European courts have required website blocking of sites like The Pirate Bay, while Iran and China frequently top the list of countries that heavily censor and surveil their domestic networks. The real question isn't about whether this should happen—it already does—but where European nations should draw their own lines around online speech, and who gets to decide what's in and what's out.

"There is no fixed definition of what is extreme," said Arthur van der Wees, an IT lawyer in Amsterdam, in an interview with Ars. "If you look at the French Revolution, who was extreme? Was it the royalty or the other guys?"

Who needs a "law"?

Enlarge/ Bits of Freedom is just one of the European organizations opposed to CleanIT.

The CleanIT project, should it actually move forward, might come into conflict with the Charter of the Fundamental Rights of the European Union. Under Article 11, the Charter states: “Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers.”

Further down, under Article 52, the Charter allows for various limitations to be legally imposed, but it reiterates that those restrictions must be “provided for by law and respect the essence of those rights and freedoms.” CleanIT doesn't want to create new laws, however.

Because of this, many digital rights organizations in Europe call the entire project overbroad—and designed to circumvent existing judicial and legislative structures. “There’s no due process, no presumption of innocence,” said Joe McNamee, the head of European Digital Rights, in an interview with Ars.

For the moment, CleanIT only has participants from the tech industry and government, and very little involvement from outside groups and from the public. That’s one of the main problems that the Dutch online advocacy group Bits of Freedom has with the project.

“Any restriction on freedom of communications and privacy by the government must be based on formal law,” wrote Rejo Zenger, one of the organization’s leaders, in an e-mail sent to Ars. “This is a requirement set in the European human rights treaties. It's there for a reason: such rules must be created in full transparency and the parliament must be able to reject proposals when it sees fit.”

The borderless Internet

More fundamentally, even if all the debates about speech and law can be worked out, practical concerns arise. What happens if a banned site simply moves its hosting outside the European Union—to Switzerland, Iceland, Serbia, Russia, Turkey, or even farther afield, to the United States or Japan?

Klaasen admits that "there will be a problem indeed if the website pops up in a country where it is allowed. There we reach the limitations of this project. That’s why it’s limited to EU. We have the EU legislation as a base. The first step we can take is to have all the servers installed in Europe be cleared of illegal material.”

"The name of the project is a bit too ambitious, but the subtitle—'reducing the impact'—is exactly what they’re trying to do," said van der Wees, the Dutch lawyer.

Klaasen, like other CleanIT supporters, argues that such baby steps are better than nothing.

“Again, we don’t have the ambition to solve the problem of terrorists' use of the Internet for the whole world," he said. "Even if we know that the Internet is a global thing and we’re limited to European space—as a step, not a total solution—we know that in this case there’s no way, legally, to fight it.”